This Privacy Policy describes how Vital (Thailand) Co., Ltd. (“Vital”) mobile application (the “Vital App”) collects, stores, uses and transmits information and data.  By using the Vital Application, the User consents to this Privacy Policy and the terms herein.  Vital may change this Privacy Policy from time to time.  It is the User’s responsibility to check this webpage periodically to see if any terms have been changed or modified.  The User’s continued use of the Vital Application constitutes the User’s acceptance of any updates to this Privacy Policy.

 

Please be advised that the User’s use of the Vital App with healthcare institutions may be subject to that healthcare institution’s policies, terms and conditions.  While connected to a healthcare institution’s system, the healthcare system may receive, collect, store, transmit, share and disclose certain data and information, including but not limited to information and/or data regarding usage of the User’s device and software, as well as the User’s personal information and geographical location.

 

Importantly, by registering as the User of the Vital App, the User acknowledges and agrees that Vital may collect, hold and share sensitive information about the User, including information about the User’s health. Except as otherwise permitted by law, Vital only collects sensitive information about the User if the User consents to the collection of such information and if the information is reasonably necessary for the performance of Vital App functions, as described below.  

 

Vital takes privacy and confidentiality very seriously. Vital takes reasonable steps to maintain the security of the User’s information and protect it from unauthorized use and disclosure, and to ensure that any recipients of the User’s information will protect it in accordance with the Thailand Personal Data Protection Act (PDPA).

 

The kinds of information Vital collects and holds:

The types of information Vital may collect include:

• Account data (such as email, name, profile name, phone, etc.): all data to create and maintain the User's profile and ensure a smooth use of the services.

• Technical data related to the usage of the Services (such as IP, device, OS, etc.): all data ensuring proper technical functions of the Services.

• The User's input data related to health and personal information needed by the AI to analyze and create a personalized report for the User.

 

How Vital collects the User’s information:

Vital may collect your information in a number of ways, including:

• Directly from the User or someone caring for the User, for instance when the User provides information on the Vital App or website, complete an application form, or enter an agreement for the Vital App or any integrated services, or the User contacts Vital with a query or request or to resolve an issue the User might be facing;

• From our customers and partners, such as health insurers, hospitals, primary health networks, government agencies or employers, who make the Vital App and its functionalities available to the User; and

• Information about how the User uses the Vital App or any integrated services;

 

If the User chooses not to provide certain information, we may not be able to provide the User full services and access to and full use of the Vital App or any integrated products or services. 

 

How Vital holds the User information:

The collection and handling of any information contained in the Vital App is governed by Thailand Personal Data Protection Act (PDPA). Vital stores will generally be held in electronic format, in secure storage facilities that comply with Thailand PDPA’s requirements.

 

How Vital secures the User information:

The Vital App is designed with the User’s security and privacy as the highest priority. Vital understands that the User’s personal information and health details are private and sensitive information and Vital will ensure it is kept that way.

Account and Password Protection

• The Vital App is designed so the User’s account is only accessible by the User (or people the User authorizes).

• The User’s account is password protected.

• Vital enforces a strong password policy and uphold best practice standards with regard to password management, such as non-reversible hashing for storage of passwords (this is a one-way function that changes a plain text to a unique code that is irreversible).

Data Encryption

• All personal and health information accessed or stored by the Vital App is always encrypted at rest and in transit.

• Vital’s security measures include strong cryptographic standards.

Security Monitoring

• The Vital App is subject to ongoing security programs, including penetration testing and security vulnerability testing.

Network, Infrastructure and Hosting

• Vital’s network and infrastructure are designed with security in mind and are hosted in global standard data centers.

Vital App security

• The Vital App is registered on the User’s device and accessed using the User’s account username and password. The User also has the option to enable fingerprint or face id login on compatible devices.

• The User’s account and data are only accessible by authorized users with their unique email address and password.

• The Vital App does not store any of the User’s information on the User’s mobile phone.

 

The User’s system security:

While Vital takes all precautions to protect the User information and interactions with the Vital App, Vital recommends the User to take precautions to ensure the User’s devices are kept secure. 

 

How Vital may use the User information:

Vital may use the User information for a range of different purposes, including:

• To provide the User with, and support the operation and functionality of, the Vital App and any integrated products and services;

• To enable the User to view, store and monitor the User’s information;

• To administer and manage the Vital App and any integrated products and services Vital provide;

• To provide, evaluate and support the Vital App, including health records management, health records interpretation, health suggestions, secure communications and technology services;

• To provide the User with customer service, including to assist the User with enquiries;

• To monitor network use, quality and performance, and to operate, maintain, develop, test and upgrade Vital’s systems and infrastructure; and 

• As otherwise authorized or required by law.

Vital may request the ability to access the User’s phone’s calendar to allow the User to create appointments through the Vital App, and the ability to view the User’s phone’s calendar to ensure duplicate appointments aren’t created. Vital does not otherwise collect, hold, or use the data from the User phone’s calendar.

While Vital also uses some application data to gain a better understanding, through analytics programs, of how users utilize the Vital App and any integrated products and services, this is undertaken on an anonymised or aggregated basis only.

 

When Vital discloses personal information:

Vital may provide the personal information of the customers and prospective customers to other health professionals and also to third parties who provide services to Vital, including organizations and contractors that assist Vital with the purposes for which Vital uses that personal information. These services include:

• Customer enquiries;

• Information technology and network services; and 

• Mailing operations. 

Vital may also exchange personal information of the customers and prospective customers where appropriate:

• With Vital’s related entities;

• With law enforcement and national security agencies, and other government and regulatory authorities;

• With third parties who assist Vital to manage or develop Vital’s business and corporate strategies and functions; or

• For the purposes of facilitating or implementing a transfer/sale of all or part of Vital’s assets or business.

Vital may provide information, including sensitive and health information, about the User to the User’s usual medical practitioner and their employing or contracting organization, or within referrals to other healthcare practitioners. This will only be done subject to the User’s consent.

In relation to information contained in the User’s health record, Vital will not store the User’s health information, or share it with unrelated parties.  The health record interpretation is presented in the Vital App for the User’s convenience and personal use.

 

Third-party contractors:

From time to time, Vital engages third party contractors to provide support services in relation to the Vital App and any integrated products and services.

Vital takes the privacy and confidentiality of customer information seriously, and has implemented a range of measures to protect that information including, depending on the circumstances:

• Strict monitoring and access controls regulating which staff can access particular information; and

• Network and premises security.

 

Access to third-party services:

Connected with the Vital App, Vital may provide the User with the opportunity to connect to other third party services or products. Vital does not endorse these third-party services or products and the User should review their corresponding terms and conditions and privacy policies before using any third-party service or product. Vital accepts no liability in relation to third party services or products.

 

Cookies:

A cookie is a small file of letters and numbers that Vital stores on the User’s browser, mobile device or the hard drive of the User’s computer in order to improve the User experience by remembering whether the User is logged in to Vital’s services, and to analyze how the User uses Vital’s website or services in order to improve the general the User experience. Vital uses Google Analytics in connection with Vital’s products and services (including the Vital App) and Google may set cookies on the User’s browser or read cookies that are already there. For more information as to how Google uses cookies in relation to the Telstra Health Products, please see “How Google uses data when you use our partners' sites or apps”, (located at www.google.com/policies/privacy/partners/, or any other URL Google may provide from time to time).

 

Direct marketing:

Vital may also use the User personal information (other than information contained in the User’s health record) so that Vital can promote and market Vital’s products and services that Vital thinks will be of interest to the User on an ongoing basis. This will only be done with the User’s consent.

This marketing may be direct marketing by mail, telephone or electronic message or by customizing on-line content and display advertising on Vital’s websites,  and may continue for a period after the User ceases acquiring any products or services from Vital.

the User may opt-out of this marketing by following the steps in the marketing communication or contact Vital using the contact details set out in the “How to contact us” section of this statement.

Vital does not sell or otherwise provide personal information to unrelated third parties for their direct marketing purposes.

 

How to access or correct the User information or make a privacy complaint:

If the User wishes to access any of the User information that Vital holds about the User, or the User would like to correct any errors in that information, please contact Vital using the “How to contact us” section of this statement, so that Vital can respond to your request. 

 

How to contact Vital:

If you have any questions in relation to this statement or our management of your personal and health information, please contact us at vitallifedev@gmail.com